SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Hackaday

This Week In Security: Second Verse, Worse Than The First

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the ...

Top LLM PyPl package compromised to steal user details

Aqua Security’s Trivy vulnerability scanner compromise is trickling down ...

Major compromise of the telnyx PyPI library could put millions of users at risk

JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered hidden .wav payload that ...
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...
Global Investigative Journalism Network

Techniques for Investigating Data Centers

Expert tips for reporting on the impact of the resource-hungry data storage facilities that power AI — from water exploitation to greenwashing to flouting environmental regulations.

This New CLI Tool Just Made Deploying AI Agents Ridiculously Easy

Langraph Deploy CLI lets developers create, test, and deploy AI agents from the terminal, with templates and langraph deploy ...